
//Copyright 1997-2009 Syrinx Development, Inc.
//This file is part of the Syrinx Web Application Framework (SWAF).
// == BEGIN LICENSE ==
//
// Licensed under the terms of any of the following licenses at your
// choice:
//
//  - GNU General Public License Version 3 or later (the "GPL")
//    http://www.gnu.org/licenses/gpl.html
//
//  - GNU Lesser General Public License Version 3 or later (the "LGPL")
//    http://www.gnu.org/licenses/lgpl.html
//
//  - Mozilla Public License Version 1.1 or later (the "MPL")
//    http://www.mozilla.org/MPL/MPL-1.1.html
//
// == END LICENSE ==
using System;
using Swaf.Instrumentation;

namespace Swaf.Security
{
	/// <summary>
	/// The AccessDeniedException inherits from the BaseException class and is thrown by the 
	/// ISecurityPrincipal.assert method.  Whenever this exception is thrown and entry is 
	/// automatically added to the Audit log containing information about the security violation 
	/// including the username and the resource trying to be accessed.
	/// </summary>
	[Serializable]
	public class AccessDeniedException : BaseException
	{
		public static IPerformanceCounter s_securityCounter;
		/// <summary>
		/// Constructor for instancing an AccessDeniedException from serialization info
		/// </summary>
		/// <param name="info"></param>
		/// <param name="context"></param>
		public AccessDeniedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) : base(info, context)
		{
		}

		/// <summary>
		/// Constructor for instancing an AccessDeniedException from code.
		/// </summary>
		/// <param name="principal"></param>
		/// <param name="resourceName"></param>
		public AccessDeniedException(ISecurityPrincipal principal, string resourceName) : base(string.Format("Access Denied to resource {0} for user {1}", resourceName, principal.userName))
		{
			string addInfoText="";
			if (principal.additionalInfo != null)
				addInfoText = principal.additionalInfo.Xml;
			writeAudit("Security.AccessDenied", addInfoText);
			if (s_securityCounter != null)
			{
				s_securityCounter.increment();
			}
		}
	}
}
